-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Database password written to process list #2014
Comments
This is probably best addressed by either
|
Those are both good ideas and reasonable solutions but I don't think that they go far enough. As long as you accept a database URI on the command line, the application should venture to obscure the password from visibility. IMO this is actually a security issue but I did not see anywhere to submit security bugs. |
FYI, You can submit security issues to [email protected], but no need to change or resubmit this issue since it is already in the open. |
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
This is related to k3s-io#2014. Signed-off-by: Brad Davidson <[email protected]>
@plockaby does this work for you? |
This is perfect. Thanks for looking into it so quickly! |
Validated using the current latest commitThis now just shows the server or agent command, without additional args:
|
Environmental Info:
K3s Version: k3s version v1.18.4+k3s1 (97b7a0e)
Node(s) CPU architecture, OS, and Version: Linux pluto 4.19.0-9-amd64 #1 SMP Debian 4.19.118-2+deb10u1 (2020-06-07) x86_64 GNU/Linux
Cluster Configuration: one master, five workers
Describe the bug:
If you initialize a k3s cluster with database connection details in it those details are written directly to ps. For example:
Steps To Reproduce:
Expected behavior:
I would expect, at a minimum, that the password would be replaced with asterisks in the ps output. It might also be great to be able to put the password into a configuration file rather than store it in the systemd configuration file.
Actual behavior:
The password is free to anyone to see who has any access to the system.
Additional context / logs:
I suppose that one such solution to this would be to put the postgres database password into a .pgpass file owned by root but that wouldn't work for mysql, I don't think.
The text was updated successfully, but these errors were encountered: